From:             [EMAIL PROTECTED]
Operating system: Linux 64bit
PHP version:      5.2.5RC1
PHP Bug Type:     MySQLi related
Bug description:  mysqli segfaults on shutdown after mysql_enable_rpl_parse()

Description:
------------
mysql_enable_rpl_parse() changes (breaks) the mysql connect struct somehow, so
that after using this function MySQLi crashes on shutdown, or on mysql
connect struct destruction to be precise.
Not sure if the problem is in MySQLi or in libmysqlclient, but the latter
seems to be more likely.

Reproduce code:
---------------
<?php
    // See ext/mysqli/tests/mysqli_enable_rpl_parse.phpt.
    include "connect.inc";
    $link = mysqli_connect($host, $user, $passwd, $db, $port, $socket);
    mysqli_enable_rpl_parse($link);
?>

Expected result:
----------------
.

Actual result:
--------------
GDB backtrace:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 47731063565936 (LWP 12002)]
0x0000000000894869 in zend_mm_check_ptr (heap=0xecb2c0, ptr=0x10c7b68,
silent=1, __zend_filename=0xc1f738 "/local/qa/5_3/Zend/zend_opcode.c",
    __zend_lineno=258, __zend_orig_filename=0x0, __zend_orig_lineno=0) at
/local/qa/5_3/Zend/zend_alloc.c:1409
1409                    if (memcmp(end_magic, &_mem_block_end_magic,
END_MAGIC_SIZE)==0) {
(gdb) bt
#0  0x0000000000894869 in zend_mm_check_ptr (heap=0xecb2c0, ptr=0x10c7b68,
silent=1, __zend_filename=0xc1f738 "/local/qa/5_3/Zend/zend_opcode.c",
    __zend_lineno=258, __zend_orig_filename=0x0, __zend_orig_lineno=0) at
/local/qa/5_3/Zend/zend_alloc.c:1409
#1  0x0000000000895bba in _zend_mm_free_int (heap=0xecb2c0, p=0x10c7b68,
__zend_filename=0xc1f738 "/local/qa/5_3/Zend/zend_opcode.c",
__zend_lineno=258,
    __zend_orig_filename=0x0, __zend_orig_lineno=0) at
/local/qa/5_3/Zend/zend_alloc.c:1897
#2  0x00000000008972a7 in _efree (ptr=0x10c7b68, __zend_filename=0xc1f738
"/local/qa/5_3/Zend/zend_opcode.c", __zend_lineno=258,
__zend_orig_filename=0x0,
    __zend_orig_lineno=0) at /local/qa/5_3/Zend/zend_alloc.c:2265
#3  0x00000000008ae237 in destroy_op_array (op_array=0x10c77b0) at
/local/qa/5_3/Zend/zend_opcode.c:258
#4  0x00000000008b9f54 in zend_execute_scripts (type=8, retval=0x0,
file_count=3) at /local/qa/5_3/Zend/zend.c:1174
#5  0x000000000085afda in php_execute_script (primary_file=0x7fff6d82a840)
at /local/qa/5_3/main/main.c:2007
#6  0x000000000094e614 in main (argc=2, argv=0x7fff6d82aa78) at
/local/qa/5_3/sapi/cli/php_cli.c:1140

Valgrind log:
-------------
==12007== Invalid free() / delete / delete[]
==12007==    at 0x4C226DB: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==12007==    by 0x7CFF30C: (within /usr/lib64/libmysqlclient.so.15.0.0)
==12007==    by 0x7CFF609: mysql_close (in
/usr/lib64/libmysqlclient.so.15.0.0)
==12007==    by 0x5FF20B: mysqli_link_free_storage (mysqli.c:237)
==12007==    by 0x8E2685: zend_objects_store_del_ref_by_handle
(zend_objects_API.c:206)
==12007==    by 0x8E24D5: zend_objects_store_del_ref
(zend_objects_API.c:168)
==12007==    by 0x8B754D: _zval_dtor_func (zend_variables.c:52)
==12007==    by 0x8A7BBB: _zval_dtor (zend_variables.h:35)
==12007==    by 0x8A7DE3: _zval_ptr_dtor (zend_execute_API.c:415)
==12007==    by 0x8B78D3: _zval_ptr_dtor_wrapper (zend_variables.c:175)
==12007==    by 0x8C847D: zend_hash_apply_deleter (zend_hash.c:611)
==12007==    by 0x8C8AB3: zend_hash_reverse_apply (zend_hash.c:760)
==12007==    by 0x8A77BC: shutdown_destructors (zend_execute_API.c:212)
==12007==    by 0x8B8FCA: zend_call_destructors (zend.c:848)
==12007==    by 0x85A1D3: php_request_shutdown (main.c:1447)
==12007==    by 0x94EF2D: main (php_cli.c:1321)

-- 
Edit bug report at http://bugs.php.net/?id=43124&edit=1
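A triage helper for the Valgrind log in this report, added here as an example (it is not part of the original report or of PHP): it re-joins the stack frames that the mailer wrapped and reports which source-level frame hands control to the external library that issues the invalid free(). The names `unwrap`, `frames` and `handoff` are illustrative.

```python
import os
import re
# Added example; helper names are illustrative. LOG is an excerpt of the
# Valgrind log from the report, with the e-mail line wrapping kept.
LOG = """\
==12007== Invalid free() / delete / delete[]
==12007==    at 0x4C226DB: free (in
/usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
==12007==    by 0x7CFF30C: (within /usr/lib64/libmysqlclient.so.15.0.0)
==12007==    by 0x7CFF609: mysql_close (in
/usr/lib64/libmysqlclient.so.15.0.0)
==12007==    by 0x5FF20B: mysqli_link_free_storage (mysqli.c:237)
==12007==    by 0x8E2685: zend_objects_store_del_ref_by_handle
(zend_objects_API.c:206)
"""

FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")
WHERE = re.compile(r"^(?P<func>\S+)? ?\((?:(?:in|within) (?P<obj>[^)]+)"
                   r"|(?P<src>[^:()]+):(?P<line>\d+))\)$")

def unwrap(text):
    """Re-join continuation lines that the mailer split off a '==PID==' line."""
    out = []
    for line in text.splitlines():
        if line.startswith("==") or not out:
            out.append(line.rstrip())
        else:
            out[-1] += " " + line.strip()
    return out

def frames(text):
    """One dict per stack frame: func plus either obj (library) or src/line."""
    result = []
    for line in unwrap(text):
        m = FRAME.match(line)
        w = WHERE.match(m.group(1)) if m else None
        if w:
            result.append(w.groupdict())
    return result

def handoff(text):
    """Return (caller frame, library names, library functions) at the boundary."""
    lib_frames = []
    for f in frames(text):
        if f["src"]:                       # first frame with file:line info
            libs = {os.path.basename(x["obj"]) for x in lib_frames}
            return f, sorted(libs), [x["func"] for x in lib_frames]
        if not os.path.basename(f["obj"]).startswith("vgpreload_"):
            lib_frames.append(f)           # skip Valgrind's free() interposer
    return None, [], []
```

For the excerpt, `handoff(LOG)` names `mysqli_link_free_storage` at `mysqli.c:237` as the caller and `libmysqlclient.so.15.0.0` as the library in which the free is issued, beneath `mysql_close`.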